William Stallings
Data and Computer
Communications
Chapter 18
Network Security
Security Requirements
Confidentiality
Integrity
Availability
Passive Attacks
Eavesdropping on transmissions
To obtain information
Release of message contents
Outsider learns content of transmission
Traffic analysis
By monitoring frequency and length of messages,
even encrypted, nature of communication may be
guessed
Difficult to detect
Can be prevented
Active Attacks
Masquerade
Pretending to be a different entity
Replay
Modification of messages
Denial of service
Easy to detect
Detection may lead to deterrent
Hard to prevent
Security Threats
Conventional Encryption
Ingredients
Plain text
Encryption algorithm
Secret key
Cipher text
Decryption algorithm
Requirements for Security
Strong encryption algorithm
Even if known, should not be able to decrypt or work
out key
Even if a number of cipher texts are available
together with plain texts of them
Sender and receiver must obtain secret key
securely
Once key is known, all communication using this
key is readable
Attacking Encryption
Crypt analysis
Relay on nature of algorithm plus some knowledge of
general characteristics of plain text
Attempt to deduce plain text or key
Brute force
Try every possible key until plain text is achieved
Algorithms
Block cipher
Process plain text in fixed block sizes producing block
of cipher text of equal size
Data encryption standard (DES)
Triple DES (TDES)
Data Encryption Standard
US standard
64 bit plain text blocks
56 bit key
DES
Encryption
Algorithm
DES Single
Iteration
Strength of DES
Declared insecure in 1998
Electronic Frontier Foundation
DES Cracker machine
DES now worthless
Alternatives include TDEA
Triple DEA
ANSI X9.17 (1985)
Incorporated in DEA standard 1999
Uses 3 keys and 3 executions of DEA algorithm
Effective key length 168 bit
Location of Encryption Devices
Link Encryption
Each communication link equipped at both ends
All traffic secure
High level of security
Requires lots of encryption devices
Message must be decrypted at each switch to
read address (virtual circuit number)
Security vulnerable at switches
Particularly on public switched network
End to End Encryption
Encryption done at ends of system
Data in encrypted form crosses network
unaltered
Destination shares key with source to decrypt
Host can only encrypt user data
Otherwise switching nodes could not read header or
route packet
Traffic pattern not secure
Use both link and end to end
Key Distribution
Key selected by A and delivered to B
Third party selects key and delivers to A and B
Use old key to encrypt and transmit new key
from A to B
Use old key to transmit new key from third party
to A and B
Automatic Key Distribution
(diag)
Automatic Key Distribution
Session Key
Used for duration of one logical connection
Destroyed at end of session
Used for user data
Permanent key
Used for distribution of keys
Key distribution center
Determines which systems may communicate
Provides one session key for that connection
Front end processor
Performs end to end encryption
Obtains keys for host
Traffic Padding
Produce cipher text continuously
If no plain text to encode, send random data
Make traffic analysis impossible
Message Authentication
Protection against active attacks
Falsification of data
Eavesdropping
Message is authentic if it is genuine and comes
from the alleged source
Authentication allows receiver to verify that
message is authentic
Message has not altered
Message is from authentic source
Message timeline
Authentication Using
Encryption
Assumes sender and receiver are only entities
that know key
Message includes:
error detection code
sequence number
time stamp
Authentication Without
Encryption
Authentication tag generated and appended to
each message
Message not encrypted
Useful for:
Messages broadcast to multiple destinations
Have one destination responsible for authentication
One side heavily loaded
Encryption adds to workload
Can authenticate random messages
Programs authenticated without encryption can be
executed without decoding